summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorDavid Ahern <dsahern@gmail.com>2018-02-06 12:14:12 -0800
committerDavid S. Miller <davem@davemloft.net>2018-02-07 21:52:06 -0500
commit58e354c01b1906b603dcdb28ec35250b09eac625 (patch)
tree65ebc8f3b280af5bdc609859f3ec880a9beb9af1 /net
parentc861ef83d771362ed0475cd510eb56cf4126ef34 (diff)
downloadlinux-58e354c01b1906b603dcdb28ec35250b09eac625.tar.gz
linux-58e354c01b1906b603dcdb28ec35250b09eac625.tar.bz2
linux-58e354c01b1906b603dcdb28ec35250b09eac625.zip
net/ipv6: Handle reject routes with onlink flag
Verification of nexthops with onlink flag need to handle unreachable routes. The lookup is only intended to validate the gateway address is not a local address and if the gateway resolves the egress device must match the given device. Hence, hitting any default reject route is ok. Fixes: fc1e64e1092f ("net/ipv6: Add support for onlink flag") Signed-off-by: David Ahern <dsahern@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv6/route.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index fb2d251c0500..69c43d289c69 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -2488,7 +2488,8 @@ static int ip6_route_check_nh_onlink(struct net *net,
err = 0;
grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
if (grt) {
- if (grt->rt6i_flags & flags || dev != grt->dst.dev) {
+ if (!grt->dst.error &&
+ (grt->rt6i_flags & flags || dev != grt->dst.dev)) {
NL_SET_ERR_MSG(extack, "Nexthop has invalid gateway");
err = -EINVAL;
}